
Re: iptables; some IPs are getting through netmasks



Hello,

Mark Ford wrote:
> 
> Chain INPUT (policy ACCEPT)
> target     prot opt source               destination
> pests      tcp  --  0.0.0.0/0            0.0.0.0/0
[...]
> Chain pests (1 references)
> target     prot opt source               destination
> DROP       tcp  --  1.85.17.0/24         0.0.0.0/0
> DROP       tcp  --  67.228.245.0/24      0.0.0.0/0

Please note that iptables -L does not print the complete rules. Consider
using iptables-save instead.

> It seems to work, except I find emails from certain IPs are
> still getting through, and it's always when I have set a /24 netmask.
> 
> For example, in a recent email, the header was...
> 
> Received: from mail10.mydailyflog.com ([67.228.245.121])
> 
> ...even though I had the IP range 67.228.245.0/24 in my "pests"
> chain.

Are you sure that the mail was received directly from that address by
the host with the iptables rules, and was not relayed by another MTA?
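
The relay question above can be checked from the message headers. The following is an added example, not part of the original message: it reads the Received chain and reports whether a blocked address connected to the filtering host itself or only appears in an earlier hop. The relay `relay.example.net` (192.0.2.10), the local host `mx.example.org` and the sample message are constructed; the networks and the `mail10` hop are taken from the thread.

```python
import ipaddress
import re
from email import message_from_string

# Networks from the "pests" chain quoted in the thread.
BLOCKED = [ipaddress.ip_network(n) for n in ("1.85.17.0/24", "67.228.245.0/24")]

# Constructed sample: only the mail10 hop comes from the thread; the relay
# (192.0.2.10) and the local host (mx.example.org) are assumptions.
SAMPLE = """\
Received: from relay.example.net (relay.example.net [192.0.2.10])
\tby mx.example.org with ESMTP; Mon, 1 Jan 2024 10:00:05 +0000
Received: from mail10.mydailyflog.com ([67.228.245.121])
\tby relay.example.net with ESMTP; Mon, 1 Jan 2024 10:00:01 +0000
From: sender@example.com
Subject: constructed sample

body
"""

IP_IN_BRACKETS = re.compile(r"\[(\d{1,3}(?:\.\d{1,3}){3})\]")

def hop_peers(raw_message):
    """Return the bracketed peer IP of each Received header, newest hop first."""
    peers = []
    for value in message_from_string(raw_message).get_all("Received", []):
        m = IP_IN_BRACKETS.search(value)
        try:
            peers.append(ipaddress.ip_address(m.group(1)) if m else None)
        except ValueError:          # e.g. "[999.1.1.1]" is not a valid address
            peers.append(None)
    return peers

def is_blocked(ip):
    return ip is not None and any(ip in net for net in BLOCKED)

def diagnose(raw_message):
    """Say whether a blocked address connected to this host or was relayed."""
    peers = hop_peers(raw_message)
    if not peers:
        return "no Received headers"
    # Only the topmost header is written by the local MTA; that peer is the
    # TCP source address the iptables rules actually matched against.
    if is_blocked(peers[0]):
        return "direct: blocked peer reached this host"
    if any(is_blocked(p) for p in peers[1:]):
        return "relayed: blocked address appears only in an earlier hop"
    return "no blocked address in any hop"
```

A "relayed" result means the filter never saw the blocked address as a connection source, so the DROP rule was not bypassed. Headers below the topmost one are supplied by upstream hosts and can be forged.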

